Sergey Guzenkov
https://linux.conf.au/schedule/30242/view_talk

We will look into: the differences between tshark and tcpdump; the tools that come with Wireshark (dumpcap, capinfos, mergecap, tshark); how to work with capture files; how to select the interface we want to capture on; caveats in capturing (like VLANs not being displayed); capture and display filters and the difference between them; statistics capabilities (this will be a big focus); graphing; and deciphering SSL/TLS connections without access to the server certificate.
Most of the tutorial will be done on the command line without a GUI.